1 April 2009

Depending on the type of attack we are performing, ie targeted (T) or non-targeted (NT), we can try the following phishie methods against our targets:

Send an email to the victim asking to visit a link.

Send an email to the victim having the malicious file attached into.

Leave near the company a couple of USB pendrives loaded with your juicy files, a VBA macro embedded in a MSOffice Word document, a trapped PDF file, a single HTML page that triggers an known vulnerability the list can easily go on.

If company's employees are using social networks you can join the group, create a good fictitious scenario and ask them to visit your link.

If you have access to an open shared directory you can leave your file there, give it a nice attractive name, or masquerade its icons, or merge the file into another naive file.

For those cases where you have to distribute your malicious files via a link, you can:

Host your files on your own machine

Host the files into an already compromised box

Use TinyURL to soft-hide destinations of the link from unsuspecting users

Use an online file hosting provider such as RapidShare

If in a LAN environment, you can create a UNC shortcut which points to your files in the web.

If you know their mobile numbers you can always text them the link, or using some social engineering you can pretend that you are one of their colleagues who has just changed mobile number and you just asking the victim to check fileXYZ which is located in their open shared directory if it loads OK blah blah...you get the idea.

Read the book "The Art of Deception" to get an idea how the users can be tricked and understand the saying "your weakest link is the human factor".